mån 2006-12-18 klockan 23:41 -0500 skrev Brian J. Murrell:
> Indeed. And it can be done, I think, by adding native KRB5 support to
> ntlm_auth (right now ntlm_auth assumes everything will be wrapped in
> SPNEGO), but it would be less hacking there if Firefox could be
> convinced to use SPNEGO on non-windows platform, even when all it has
> are KRB5 (or any other non MS specific) credentials.
The Negotiate scheme is SPNEGO by definition.
Native KRB5 is the Kerberos scheme..
But adding a native Kerberos interface to ntlm_auth would make sense as
well, much like it has a native NTLM interface. Skipping SPNEGO.
But we do not yet have support for the Kerberos scheme in Squid. But
it's just to make a copy of Negotiate and rename it to Kerberos..
Regards
Henrik
This archive was generated by hypermail pre-2.1.9 : Mon Jan 01 2007 - 12:00:01 MST